Thread Info
  • State Suggested Answer
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 9596 views
  • Users 0 members are here
Options
Suggested

Safari & Chrome Expired Certificate Warnings, Invalid Name errors, Websites Blocked, etc.

Paul Murray1

My users and I are almost completely blocked from using known safe https websites without overriding warnings. This problem has only recently arisen in the last few weeks. Invalid name is a big Chrome error notice and privacy warnings are the notices I receive from Safari. I am on the brink of completely uninstalling Sophos Endpoint and Intercept X.


Anyone have a fix for this?

  • 0

    Hi Paul,

    Thanks for reporting this and sorry you're having issues. This isn't something we've seen ourselves and we're keen to learn more.

    Did this start to happen right after the machines joined the EAP or have they been running v10.0.2 for a while?

    Are you able to provide some example of the sites that this is occurring on?

    It would be really helpful for our investigation if you could provide an SDU for analysis. You can upload this as follows:

    • Go into Central, find the device, and click on the generate SDU button
    • Once the sdu is uploaded, post the file name here so we can extract it and take a look

    In the meantime we can suggest trying a temporary workaround of disabling the features that rely on the network extension. This will leave file based protections in place.

    In the central amend, or create new, policies to disable:

    • Threat Protection

        • Real-time Scanning - Internet

          • Scan downloads in progress
          • Block access to malicious websites
        • Remediation
          • Enable threat case creation
          • Protect network traffic
    • Web Control
      • Disable Web Control 

    Once the features are disabled rebooting the machine will ensure the network extension is not loaded and hopefully those sites will be accessible again - we'd be very interested to know if that helps.

    Thanks again for your input and engagement, it really helps.

  • 0 in reply to David Lancaster

    Hi , we were wondering if you'd had the opportunity to give this a try and whether it helped at all?

  • 0 in reply to David Lancaster

    It worked like a charm, but I am super disappointed I had to disable what should be important features to be able to browse normally. 

  • 0 in reply to Paul Murray1

    Understood, we're disappointed too and would love some more details if you'd be willing. That workaround points to an issue in the network extension, or perhaps an incompatibility with other software running on your system. We have been unable to recreate it internally and your feedback would be invaluable.

    Did this start to happen right after the machines joined the EAP or have they been running v10.0.2 for a while?

    Are you able to provide some example of the sites that this is occurring on?

    Do you know if IPv6 is in use:
    To disable IPv6 use the command networksetup -setv6off Ethernet

    It would be really helpful for our investigation if you could provide an SDU for analysis. You can upload this as follows:

    • Go into Central, find the device, and click on the generate SDU button
    • Once the sdu is uploaded, post the file name here so we can extract it and take a look
  • 0 in reply to David Lancaster

    I could not do the SDU, and I do not have time to recreate all of this, unfortunately. I'm already disappointed enough as a an administrator that we have to use the EAP.

    This problem occurred about 3 weeks after the EAP started.

Unfiltered HTML